1. Field
The present disclosure relates to data processing, and more specifically, to a transfer of files with arrays of strings in SOAP messages.
2. Description of the Related Art
Transfer of information is the main activity in a data-processing network; particularly, this comprises the transfer of files that are stored on non-volatile memories of the network in a durable way (so as to remain available even after their current use).
A typical example is in web services, wherein a collection of services (i.e., stand-alone basic tasks) may be exploited over the Internet through an interface being formally defined in a public document (irrespectively of the actual implementation of the offered services)—for example, in the Web Services Description Language (WSDL). The web services have become the standard platform for application integration, being the fundamental building blocks in the move to distributed computing on the Internet. For this purpose, the web services are accessed via ubiquitous transport protocols (as specified in their WSDL documents).
An example of transport protocol that is commonly used to transfer information in web services is the Simple Object Access Protocol (SOAP). The SOAP is a high-level transport protocol based on the Extensible Markup Language (XML), which allows the transfer of messages between heterogeneous nodes—independently of the bounding of the SOAP messages to the actual transport protocols that are used to convey them.
However, few techniques are available to transfer files via SOAP messages. For example, US-A-2010/0223462 (the entire disclosure of which is herein incorporated by reference) discloses a technique for exposing a file system of a Local Area Network (LAN) behind its firewall to a remote device through web services. For this purpose, messages conforming to a file sharing protocol (such as the CIFS) are included into SOAP messages with attachments (Swa). However, the SOAP messages with attachments are not of general applicability. The alternative possibility of embedding the CIFS messages into the CDATA field of the SOAP messages is instead discarded because of its overhead.
Another known technique for transferring binary data via SOAP messages is the Message Transmission Optimization Mechanism (MTPM); in this case, the specification of the SOAP messages is updated to support the transmission of the binary data separately.
However, all the known techniques modify the standard SOAP specification; for example, this result is achieved by extending the core functionality of the standard SOAP specification with additional dedicated features, or by defining a proprietary version of the SOAP specification. In any case, this makes the available techniques not of general applicability, thereby hindering their integration. A further problem relating to the transfer of files via SOAP messages is their security.
With reference to the transfer of simple data via SOAP messages, some techniques have been proposed for encrypting this data. For example, US-A-2005/0081039 (the entire disclosure of which is herein incorporated by reference) discloses a technique for verifying encrypted SOAP messages. For this purpose, a SOAP message is created by inserting data (to be sent to a recipient) encrypted using a session key into its body, and a signature of part of the data, the session key and the signature encrypted using a public key of the recipient into its header; the recipient of the SOAP message decrypts the session key and the signature with its private key, and then uses the session key to decrypt the signature (in order to verify it) and the data. This allows protecting the SOAP message against any signature forgery. However, this technique does not ensure a very high degree of security.
With reference instead to the transfer of files via SOAP messages, the above-mentioned document US-A-2010/0223462 mentions the possibility of establishing secure connections through a Virtual Private Network (VPN). However, the VPN involves high resource consumption, takes time to start up and does time-out when there is no activity (so that is may be untenable in specific applications—for example, with mobile devices or wireless networks).